[universal] Update urllib3 package due to GHSA-g4mx-q9vg-27p4 (#843)

alexander-smolyakov · web-flow · commit ffea7d770d4e · 2023-11-07T16:41:19.000-08:00
* [patch-python] Bump `urllib3` version to address CVE-2023-45803 * Add test * Restart checks * Restart checks * Restart checks
diff --git a/src/universal/.devcontainer/local-features/patch-python/install.sh b/src/universal/.devcontainer/local-features/patch-python/install.sh
@@ -44,3 +44,6 @@ update_package() {
 
 # https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40897
 update_package /usr/local/python/3.9.*/bin/python setuptools 65.5.1
+
+# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45803
+update_package /usr/local/python/3.10.*/bin/python urllib3 2.0.7
diff --git a/src/universal/test-project/test.sh b/src/universal/test-project/test.sh
@@ -189,6 +189,7 @@ ls -la /home/codespace
 ## Python - current
 checkPythonPackageVersion "python" "setuptools" "65.5.1"
 checkPythonPackageVersion "python" "requests" "2.31.0"
+checkPythonPackageVersion "python" "urllib3" "2.0.7"
 
 ## Python 3.9
 checkPythonPackageVersion "/usr/local/python/3.9.*/bin/python" "setuptools" "65.5.1"
